research-cache

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation states the /research command "discovers external repositories" and that repositories are cloned and analyzed by the focused-repository-analyzer (see "Overview" and "Integration with /research Command" Step 3.5/3.6), meaning the agent fetches and interprets untrusted, third-party repository content that can influence later actions.